[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17645610#comment-17645610 ]
Andi Huber commented on ISIS-3305: ---------------------------------- Thanks for shedding some light on the greater picture behind our security stuff. You did answer quite a few questions I had. And I basically agree with your suggestions. > [DISCUSS] Re-platform on top of Spring security. > ------------------------------------------------ > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Improvement > Affects Versions: 2.0.0-M9 > Reporter: Daniel Keir Haywood > Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: > # drop Shiro support > # drop Keycloak support > # instead fully integrate with Spring Security > # drop SudoService > # instead provide impersonation via a specialized login page > # drop Wicket's .../login, .../logout > # instead provide simple replacements under /security/... central to the > application (not using Wicket) > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)